BSP to hike policy rates again in Dec.

by Lee C. Chipongian

BSP to hike policy rates again in Dec.

By Lee C. Chipongian

The Bangko Sentral ng Pilipinas (BSP) is expected to go for another policy rate hike of 50 basis points (bps) on Dec. 15, lifting the overnight borrowing rate to 5.50 percent. 

BSP Governor Felipe M. Medalla said they will keep a tightening mode and maintain a decent interest rate differential between the BSP and US Federal Reserve funds rate to stabilize exchange rate pressures.

The BSP chief, however, has not yet signalled by how much the Monetary Board will increase the policy rates next month, but the possibility of again matching the US Fed action is high.

BSP Governor Felipe M. Medalla

Medalla is also ruling out a pause in the immediate future. “The forex (foreign exchange) market is expected to remain very sensitive to the interest rate differential. A 50 (bps) by the US Fed in December can’t be met by a pause by the BSP,” he told Manila Bulletin. 

He has said before that interest rate differential should be at least a 100 bps. As of Nov. 2, the US Fed rate stood at 3.75 percent to four percent versus the BSP’s five percent as of Nov. 17.

On Friday, Nov. 18, the peso vis-à-vis the US dollar closed stronger at P57.26 compared to P57.36 on Nov. 17, the day the BSP announced its expected BSP rate hike.

In a press briefing after the Monetary Board meeting, Medalla said they cannot let the interest rate differential to fall back at this time.

“We don’t really have a model that says if the interest rate is this, the exchange rate will be this, because there are so many things that cause the exchange rate to move. However, what we do know is if the interest rate differential is too small especially during times when the US economy is the only game in town, then the peso” will tend to behave abnormally, he said.

“This is the reason why right now, the US policy rate is a bigger influencer of our policy rate than normal,” Medalla added.

Weeks before the Nov. 17 Monetary Board policy meeting, Medalla has communicated early on that they will raise the reverse repurchase rate or the RRP by 75 bps. 

Medalla on Thursday said this will probably be the last time that the BSP will do a big rate increase. The recent 75 bps rate adjustment is the second one, the first was an off-cyle move last July.

The BSP has jacked up the rates by a cumulative 300 bps to battle high inflation and exchange rate pressures. As of end-October, the inflation rate averaged at 5.4 percent. For the rest of the year, the BSP forecasts inflation to exit at 5.8 percent. Medalla said inflation will peak in November or December but it will not likely breach eight percent. In October, inflation climbed to a 14-year high of 7.7 percent from 6.9 percent in September

The last time the RRP rate was at five percent was on Jan. 29, 2009, before the interest rate corridor system was implemented in 2016, which adjusted the monetary policy transmission to bring market rates closer to the BSP rate.

Medalla said the US Fed is now signalling that they could increase funds rate in smaller doses after four 75 bps in a row. This could temper the US dollar’s strength in favor of regional currencies, especially the peso which has lost P8.1 or 15.7 percent last Sept. 29 when it depreciated to its record lowest of P59 versus the end-2021 closing rate of P50.99.

The last two rate increases on Sept. 22 and Nov. 17 were essentially responses to what the US Fed did.

The BSP initially increased the rates gradually from a two percent flat rate since November 2020. It started with two 25 bps adjustment on May 19 and June 23, followed by a surprised 75 bps off-cycle move on July 14. The fourth and fifth rate hikes were 50 bps each on Aug. 18 and Sept. 22, followed by a 75 bps increase on Nov. 17. The next and last Monetary Board policy meeting for the year is on Dec. 15.

Since price stability is a key BSP mandate, the six in a row policy rate increases are intended to bring back the inflation path to within the two percent to four percent target range by 2024.

The BSP expects inflation will stay above-the-target in the near term amid broadening price pressures and second-round effects but will be closer to three percent than four percent by the second half of 2023.

BSP wants stronger email cybersecurity for banks, non-banks

by Lee C. Chipongian, Manila Bulletin

The Bangko Sentral ng Pilipinas (BSP) has issued recommendations for all its supervised financial institutions (BSFIs) to reinforce email security controls to effectively block persistent cyberthreats such as business email compromise (BEC), spam, phishing, ransomware and other malware attacks.

In a memo (Memorandum No. M-2022-043), signed by BSP Deputy Governor Chuchi G. Fonacier last Oct. 7, the BSP wants banks to adopt six recommendations for a “robust and layered security controls” as well as industry best practices already laid out in existing BSP rules and regulations on cybersecurity.

But to further enhance email security, Fonacier said BSFIs should adopt, as warranted, the security controls and best practices in safeguarding both incoming and outgoing emails.

In addition, she said BSFIs are expected to promptly report to the BSP any major email-related cyber incidents and crimes as per BSP’s rules on event-driven report and notification (EDRN) and report on crimes and losses (RCL). “In certain instances, BSFIs may need to seek assistance and cooperate with appropriate law enforcement authorities for prompt resolution of cybercrime cases, especially if cases involve public safety and security, pursuant to the Cybercrime Prevention Act of 2012 and other relevant laws and regulations,” said Fonacier.

The BSP recognizes that in the digital transformation initiatives, email is the primary means of communication in core business operations from marketing and sales, and customer support services, to logistics and supplier contracting, among others.

Fonacier said email is also used as one of the main verification and authentication factors linked to a bank, financial, or e-payment account in providing electronic payments and financial services (EPFS).

“Given the central role of email in digital communications, cyberthreats ranging from spam, phishing, ransomware and other malware attacks targeting email platforms and communications continue to confront BSFIs,” said Fonacier.

BEC has been identified as the “most prevalent and costly cyberattacks for financial clients globally”. BEC is a type of cyberattack that utilizes seemingly legitimate email accounts from another organization to fraudulently trick employees of another business into giving their credentials, money, personal information, financial details or other sensitive data, said the BSP.

According to Fonacier, most BEC attacks leverage on spoofing of a corporate or individual’s identity whereby the email address of the legitimate sender is impersonated to mislead the recipient on the sender of the email, thereby making the fraud attempt more effective.

To counter BEC and other email-related cyberattacks, the BSP recommends BSFIs to adopt the following email security controls such as “to identify and cascade whether a virus or malware infection may spread by just opening or selecting an email.”

“While this is not true for most email clients, an assessment should be conducted on the current email platform and version used especially if it enables scripting or automatic downloads and execution, which may heighten the risk of infection,” said the BSP.

Another recommendation to all BSFIs is to always inspect the email header information such as: “Received from (sender) and By (receiver)”; the “From” information which shows the sender’s name and email address; the “Reply-To” which refers to the email address that will receive replies to the email; and “Return-Path” defines where bounced emails will be processed.

The BSP also strongly advises to scrutinize the content of the email. “Phishing emails oftentimes have generic greetings and contain unfamiliar links or attachments or unsolicited requests for personal information. These emails are also unexpected and usually contain a sense of urgency that pushes the recipient to act quickly. It is advisable not to click any attachments or links unless the communication is verified,” said the BSP.

The central bank also recommends the strict adoption of the following email security controls: contact the sender of the message through a different/trusted channel to verify the validity of the email; provide guidance on how to report and handle suspicious or malicious emails based on the entity’s policies; and conduct regular phishing simulations or exercises.